Back in November 2014, the Sony hack scandal made the headlines and stayed in the spotlight for quite some time, but the culprits who introduced themselves as the Guardians of Peace weren't exactly identified – until today, that is.
Kaspersky worked with Novetta and AlienVault and started Operation Blockbuster to get to the bottom of things, discovering that a "well-resourced" band of hackers that the trio dubbed as the Lazarus Group was behind the cyber attack.
According to the security companies, the hacking group has been targeting government entities and banks in the United States and South Korea since 2009. However, they did not make any direct link between the Lazarus Group and North Korea, which the FBI suspects as the financier of the Sony attack because of "The Interview," a comedy movie that depicts how U.S. government authorities are plotting to assassinate North Korean leader Kim Jong-un.
"What we've found clearly communicates a very well-resourced organization that is extremely well-motivated, extremely well-organized and has demonstrated since 2009 their ability to operate," Andre Ludwig, senior technical director at Novetta, says.
Kaspersky explains how the firms were able to pinpoint the wrongdoers.
"The attackers were actively re-using their developments: they borrowed fragments of a code from one malicious program and implemented it into another. Besides, droppers - the special files used to install different variations of a malicious payload - all kept data within a protected ZIP archive. The password was one and the same in many different campaigns. In fact, it was hardcoded into the dropper," the security group says.
The researchers also discovered that there was evidence of the Lazarus Group's malware in other countries, including Brazil, China, India, Russia and Turkey.
Before this development came to light, nothing as substantial has surfaced, but it's worth noting that there have been some interesting theories that security experts have proposed. The speculations range from a mere marketing ploy to the attack being an inside job, which the FBI refuses to acknowledge.
The whole ordeal is measured to have held back Sony by about $15 million. Aside from the losses, the company also saw sensitive information leaked, including private email conversations and unreleased films. It also eventually led to the resignation of Sony Pictures Entertainment co-chairperson Amy Pascal.
Long story short, it's still a mystery whether North Korea is the instigator of the Sony attack, but the efforts of the three are definitely a big leap forward in clearing everything up.